<?
header("Content-Type:text/html;charset=utf-8");
include_once 'include/include.php';
c_create::createClass('admin');
$admin = new admin();
if ($_SESSION["Madminid"]>0)
{
	if (trim($_POST['oldMpassword'])<>"")
	{
		//修改数据的处理
		if ($_POST['Mpassword'] <> $_POST['Mpassword2'])
		{
			echo '<SCRIPT language=javascript>
				alert("错误，修改密码前后两次输入的新密码不一致！");
				window.location.href="javascript:history.back()";
			 </script>';
			 exit;
		}		
		$oldpw=trim($_POST['oldMpassword']);
		$oldpw=md5($oldpw);
		$getuserinfo = $admin->getOneAdminInfo($_SESSION["Madminid"]);
		if ($getuserinfo['Mpassword']<>$oldpw)
		{
			echo '<SCRIPT language=javascript>
				alert("修改密码输入的旧密码错误，请返回重试！");
				window.location.href="javascript:history.back()";
			 </script>';
			 exit;
		}
		$updateinfo['Mpassword']=trim($_POST['Mpassword']);
		$updateinfo['Mpassword']=md5($updateinfo['Mpassword']);
		$getcountrow = $dbconn->Query_update($updateinfo, TABLE_ADMIN, array('Madminid'=>$_POST['Madminid'],'Madmin'=>$_SESSION["Madmin"]));
		if ($getcountrow>0)
		{
			echo '<SCRIPT language=javascript>
				alert("您的密码已经成功修改，请牢记！");
				window.parent.location.href="./?action=logout";
			 </script>';
			 exit;
		}
		else{
			echo '<SCRIPT language=javascript>
				alert("密码修改出错！");
			 </script>';
		}
		//print_r($_POST);
		//exit;
	}
	//$getadmininfo = $admin->getOneAdminInfo($_SESSION["Madminid"]);
	//print_r($getadmininfo);
	//exit;
}
else
{
	die('用户未登录或登录已过期！');
}
$outvar['Madminid']=$_SESSION["Madminid"];
$outvar['Madmin']=$_SESSION["Madmin"];
outFile("changepw");
?>